skill-navigator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Prompt Injection (SAFE): No malicious instructions designed to override agent behavior or bypass filters were detected. The skill uses standard instructional language for its navigator persona.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths, hardcoded credentials, or network operations were found. The skill does not have the ability to transmit data externally.
- Unverifiable Dependencies & Remote Code Execution (SAFE): There are no scripts, package files, or remote code download patterns associated with this skill.
- Indirect Prompt Injection (SAFE): 1. Ingestion points: User input for task descriptions in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: No subprocess calls, no network operations, and no file-write capabilities were found in the skill. 4. Sanitization: No specific input sanitization or escaping of user data is performed. Although the surface exists, there are no capabilities for an attacker to leverage.
Audit Metadata